Name change to same_origin

This commit is contained in:
Kyle Kelley 2014-01-22 18:26:15 -06:00
parent 60ab030e52
commit 7efc751d0e

View File

@ -43,19 +43,20 @@ from .handlers import IPythonHandler
class ZMQStreamHandler(websocket.WebSocketHandler): class ZMQStreamHandler(websocket.WebSocketHandler):
def is_cross_origin(self): def same_origin(self):
"""Check to see that origin and host match in the headers.""" """Check to see that origin and host match in the headers."""
origin_header = self.request.headers.get("Origin") origin_header = self.request.headers.get("Origin")
host = self.request.headers.get("Host") host = self.request.headers.get("Host")
# If no header is provided, assume we can't verify origin
if(origin_header == None or host == None): if(origin_header == None or host == None):
return True return False
parsed_origin = urlparse(origin_header) parsed_origin = urlparse(origin_header)
origin = parsed_origin.netloc origin = parsed_origin.netloc
# Check to see that origin matches host directly, including ports # Check to see that origin matches host directly, including ports
return origin != host return origin == host
def clear_cookie(self, *args, **kwargs): def clear_cookie(self, *args, **kwargs):
"""meaningless for websockets""" """meaningless for websockets"""
@ -106,7 +107,7 @@ class AuthenticatedZMQStreamHandler(ZMQStreamHandler, IPythonHandler):
def open(self, kernel_id): def open(self, kernel_id):
# Check to see that origin matches host directly, including ports # Check to see that origin matches host directly, including ports
if self.is_cross_origin(): if not self.same_origin():
self.log.warn("Cross Origin WebSocket Attempt.") self.log.warn("Cross Origin WebSocket Attempt.")
raise web.HTTPError(404) raise web.HTTPError(404)